Pelmeni Wrapper: New Wrapper of Kazuar (Turla Backdoor)
released on 2024-02-21 @ 09:19:07 AM
A new malware sample used in targeted campaigns by the Turla APT group has been analyzed. The malware employs a new wrapper, dubbed Pelmeni, to deploy the Kazuar backdoor. Differences in exfiltration methods and logging from previous versions of Kazuar were identified.